Subject: Re: Opera vulnerability for Firefox?
To: grant beattie <>
From: Jaromir Dolecek <>
List: tech-pkg
Date: 02/27/2005 19:47:27
On Sun, Feb 27, 2005 at 02:20:51PM +1100, grant beattie wrote:
> opera<7.54pl2           remote-code-execution
> opera<=7.54pl2          www-address-spoof
> firefox{,-bin,-gtk2,-gtk2-bin}<=1.0             www-address-spoof
> mozilla{,-bin,-gtk2,-gtk2-bin}<=1.7.5           www-address-spoof
> relates to an issue in Opera,
> Firefox and Mozilla aren't mentioned.

Those were pastos, I fixed those just now.
> and, from my reading, this is more of a social engineering problem than
> an actual software security issue.

The software part is that the user is let to believe they are
on different site than they really are.


And try the 'Test Now - Left Click on This Link'. In Opera,
the link itself appears to lead to, and when opened
the address bar contains '

In other words, this can be miused for phishing attacks.

Jaromir Dolecek <>  
-=- We can walk our road together if our goals are all the same;     -=-
-=- We can run alone and free if we pursue a different aim.          -=-